QUIC: Implement SSL_rstate_string(_long)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/20061)

diff --git a/doc/man3/SSL_rstate_string.pod b/doc/man3/SSL_rstate_string.pod
index 46680a0ef62d89b777c6ae0c5616135faac55206..1df65e199a7faa4a4b066c3480baafc431142355 100644 (file)
--- a/doc/man3/SSL_rstate_string.pod
+++ b/doc/man3/SSL_rstate_string.pod
@@ -48,6 +48,8 @@ The read state is unknown. This should never happen.
 
 =back
 
+When used with QUIC SSL objects, these functions always return "unknown".
+
 =head1 SEE ALSO
 
 L<ssl(7)>

diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c
index f9806e979912de28ba91e9d8e743b334fc761bab..fe41568de9e6d1104dac08546c40db466c2889ac 100644 (file)
--- a/ssl/record/rec_layer_s3.c
+++ b/ssl/record/rec_layer_s3.c
@@ -170,8 +170,16 @@ void SSL_set_default_read_buffer_len(SSL *s, size_t len)
 const char *SSL_rstate_string_long(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *lng;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 
@@ -186,8 +194,16 @@ const char *SSL_rstate_string_long(const SSL *s)
 const char *SSL_rstate_string(const SSL *s)
 {
     const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s);
+#ifndef OPENSSL_NO_QUIC
+    const QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_CONST_SSL(s);
+#endif
     const char *shrt;
 
+#ifndef OPENSSL_NO_QUIC
+    if (qc != NULL)
+        return "unknown";
+#endif
+
     if (sc == NULL)
         return NULL;
 

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 4288721eb2efba9dba2798715d0be04d1fb5874e..cad4e5f68774d915fd9d1e519cd05db907329fec 100644 (file)
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -6974,6 +6974,12 @@ void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
 void SSL_set_post_handshake_auth(SSL *ssl, int val)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL)
+        return;
+#endif
 
     if (sc == NULL)
         return;
@@ -6984,6 +6990,14 @@ void SSL_set_post_handshake_auth(SSL *ssl, int val)
 int SSL_verify_client_post_handshake(SSL *ssl)
 {
     SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(ssl);
+#ifndef OPENSSL_NO_QUIC
+    QUIC_CONNECTION *qc = QUIC_CONNECTION_FROM_SSL(ssl);
+
+    if (qc != NULL) {
+        ERR_raise(ERR_LIB_SSL, SSL_R_WRONG_SSL_VERSION);
+        return 0;
+    }
+#endif
 
     if (sc == NULL)
         return 0;